Journal: International Journal of Grid and Distributed Computing
Print ISSN: 2005-4262
Year of publication: 2014
Volume: 7
Issue: 2
Pages: 79-88
DOI: 10.14257/ijgdc.2014.7.2.08
Publisher: SERSC
Abstract: Cloud computing presents new security and privacy challenges to control access to multi-tenant applications in the cloud. However, this solution has more challenges once the number of access control lists (ACLs) increases in the cloud, such as efficiency of policy resolution, multi-tenancy and data isolation. To address these limitations, this paper describes a fine-grained data-level access control model (FDACM) suitable for multi-tenant applications where role-based and data-based access control are both supported. Lightweight expressions are proposed to present complicated policy rules in our solution. Moreover, we discuss the most important part of FDACM in detail: the query privilege model and the decision privilege model. Furthermore, we also propose the architecture and authorization procedure which implements these two models. Some technical implementation details together with the performance results from the prototype are provided. Finally, a case study of FDACM is illustrated to evaluate the effect of the application in practice.
Keywords: Multi-tenancy; Access Control; Role Based Access Control; Cloud Computing